The OWASP NodeGoat project provides an environment to learn how OWASP Top 10 security risks apply to web applications developed using Node.js and how to effectively address them.
Vulnerable Package issue exists @ Npm-debug-3.2.6 in branch master
The package debug is vulnerable to memory leakage when instance is created inside a function. The function debug in the file common.js does not free up used memory unless there's a call to destroy() function. This affects the availability.
Vulnerable Package issue exists @ Npm-debug-3.2.6 in branch master
The package debug is vulnerable to memory leakage when instance is created inside a function. The function
debug
in the filecommon.js
does not free up used memory unless there's a call todestroy()
function. This affects the availability.Namespace: RobertMickleCx Repository: NodeGoat Repository Url: https://github.com/RobertMickleCx/NodeGoat CxAST-Project: RobertMickleCx/NodeGoat CxAST platform scan: e7941f4d-fb14-4e6e-9cdc-c12dbbe3cdc7 Branch: master Application: NodeGoat Severity: MEDIUM State: NOT_IGNORED Status: RECURRENT CWE: CWE-401
Additional Info Attack vector: NETWORK Attack complexity: LOW Confidentiality impact: NONE Availability impact: LOW
References Issue Pull request Pull request